Today, a user may receive services from a variety of service providers, such as broadcast television networks, cable television networks, digital satellite systems, and internet service providers. Most television receivers are capable of receiving unscrambled information or programs directly from broadcast and cable networks. Cable networks providing scrambled programs usually require a separate stand alone set-top box to descramble the program. Similarly, digital satellite systems usually provide scrambled programs that also require the use of a separate set-top box. These set-top boxes may utilize a removable smart card which contain the keys necessary for recovering the descrambling keys. Protection of these important keys is paramount to prevent unauthorized copying of the programs.
Conditional access systems allow access to services (e.g., television, internet, etc.) based on payment and/or other requirements, such as authorization,
FIG. 7 shows a conventional conditional access system architecture. The information or content (e.g., television program, movie, etc.) and the entitlement messages are protected (e.g., encrypted) before they are delivered to the subscriber. Presently, there are two (2) types of entitlement messages associated with each program or service. Entitlement control messages (ECMs) carry descrambling keys (sometimes referred to as ‘control words’) and a brief description of the program (e.g., program number, date, time, cost, etc.). Entitlement management messages (EMMs) specify the service-related authorization levels (e.g., indicating the type or service, the duration of the service, etc.). The EMMs can be distributed on the same channel as the service, or may be sent on a separate channel, such as a telephone line. The ECMs are typically multiplexed and sent with the associated program.
FIG. 8 shows a conventional transmitter side architecture for a conditional access system, such as the one shown in FIG. 7. As will be understood, streams of audio, video and data from the service are multiplexed before they are scrambled, modulated and sent to the receiver (i.e., subscriber).
FIG. 9 shows a conventional receiver side architecture for a conditional access system, such as the one shown in FIG. 7. As will be understood, the received bit stream is demodulated, decrypted and decompressed before separate audio, video and data streams are sent to the display device (e.g., television screen).
Encryption-based technologies are widely used for protecting distributed content. If the subscriber is authorized to watch a particular protected program, the program is descrambled and sent to a display (e.g., television screen) for viewing. In most conditional access systems, the subscriber will have a digital device (e.g., set-top box, digital television, digital videocassette recorder) which includes a smart card for descrambling the program based on the EMMs and ECMs.
Programs are typically scrambled using symmetric ciphers such as the Data Encryption Standard (DES). For security reasons, the scrambling key (and hence the ECM) is changed frequently, the period of change being on the order of a few seconds. Although the conditional access provider often privately defines the protection of the ECMs, public key cryptography is a viable tool for transporting keys from the service provider to the subscribers. The descrambling keys are encrypted with a public key on the transmitter side, and recovered by the corresponding private key (stored in the smart card of the receiver) on the receiver side.
However, public key cryptography has significant drawbacks. For example, public key schemes are significantly slower than symmetric key schemes, and often have longer keys (i.e., keys with more alpha-numeric characters). Additionally, computationally demanding algorithms (such as RSA described above) are required in order to recover the key.
Separating the security functionality from the navigational functionality (i.e., channel surfing) in these digital devices is important. Separation allows device manufacturers to produce devices which operate independently of the specific conditional access systems. This is important for two reasons:                (1) Until recently set-top boxes were not readily available at retail stores; they were manufactured for cable companies who delivered them directly to the subscriber. Major consumer electronics manufacturers and electronics retailers have objected to this practice as monopolistic.        (2) From a security standpoint, if the keys are discovered (‘hacked’), the conditional access provider needs only to replace the smart card in the affected devices (e.g., set-top boxes), and not reconfigure the entire system.        
Thus, there is presently a need for a scheme for protecting information which utilizes a concept other than public key cryptography, such as threshold cryptography.